This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author serhiy.storchaka
Recipients Iman Sharafaldin, belopolsky, christian.heimes, lukasz.langa, miss-islington, ned.deily, p-ganssle, serhiy.storchaka
Date 2020-07-26.14:19:48
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1595773189.08.0.0426520500882.issue41288@roundup.psfhosted.org>
In-reply-to
Content
I do not think it is a security issue. The crash cannot be triggered by the user input unless you accept the pickle data from untrusted sources, but in that case you are in large danger, because you allow executing arbitrary code.

The changes in this issue just help to debug in some cases when you play with pickle format. In any case thank you for your report.
History
Date User Action Args
2020-07-26 14:19:49serhiy.storchakasetrecipients: + serhiy.storchaka, belopolsky, christian.heimes, ned.deily, lukasz.langa, p-ganssle, miss-islington, Iman Sharafaldin
2020-07-26 14:19:49serhiy.storchakasetmessageid: <1595773189.08.0.0426520500882.issue41288@roundup.psfhosted.org>
2020-07-26 14:19:49serhiy.storchakalinkissue41288 messages
2020-07-26 14:19:49serhiy.storchakacreate